Self-healing using a virtual boot device

ABSTRACT

Methods, apparatus and computer program products implement embodiments of the present invention that enable a computer system comprising networked computers to self-heal from a boot failure of one of the computers. In some embodiments, upon detecting a first computer having a memory and a physical boot device failing to successfully load a boot image, a second computer defines a virtual boot device in communication with the first computer and the second computer and having a boot image for the first computer. Subsequent to defining the virtual boot device, the second computer can configure the first computer to boot from the virtual boot device.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is a Continuation of U.S. patent application Ser. No.13/830,081, filed on Mar. 14, 2013, and is related to U.S. patentapplication Ser. Nos. 13/829,612, 13/829,906, 13/830,019, and13/830,153, each filed Mar. 14, 2013, and which are incorporated hereinby reference.

FIELD OF THE INVENTION

The present invention relates generally to computer systems, andspecifically to configuring a computer to boot from a virtual bootdevice.

BACKGROUND

Operating systems manage the way software applications utilize thehardware of computer systems, such as storage controllers. A fundamentalcomponent of operating systems is the operating system kernel (alsoreferred to herein as a “kernel”), which provides secure computer systemhardware access to software applications executing on the computersystem. Since accessing the hardware can be complex, kernels mayimplement a set of hardware abstractions to provide a clean and uniforminterface to the underlying hardware. The abstractions provided by thekernel provide software developers easier access to the hardware whenwriting software applications.

Two common techniques for rebooting (i.e. restarting) an operatingsystem are a “cold boot” and a “warm boot”. During a cold boot, power toa computer system's volatile memory is cycled (i.e., turned off and thenturned on), and the operating system is rebooted. Since power is cut offto the memory, any contents (i.e., software applications and data)stored in the memory prior to the cold boot are lost. During a warmboot, the operating system reboots while power is still applied to thevolatile memory, thereby enabling the computer to skip some hardwareinitializations and resets. Additionally, during a warm boot the memorymay be reset.

In addition to a warm boot and a cold boot, the Linux operating systemoffers a method of rapidly booting a new operating system kernel via thekexec function. The kexec function first loads a new kernel into memoryand then immediately starts executing the new kernel. Using kexec toboot a new kernel is referred to a “hot” boot/reboot, since thecomputer's memory is not reset during the boot.

The description above is presented as a general overview of related artin this field and should not be construed as an admission that any ofthe information it contains constitutes prior art against the presentpatent application.

SUMMARY

There is provided, in accordance with an embodiment of the presentinvention a method, including defining, using a second computer, avirtual boot device having a boot image for a first computer having amemory and a physical boot device, and configuring the first computer toboot from the virtual boot device.

There is also provided, in accordance with an embodiment of the presentinvention an apparatus, including a first computer having a memory and aphysical boot device, and a second computer arranged to define a virtualboot device having a boot image for the first computer, and to configurethe first computer to boot from the virtual boot device.

There is further provided, in accordance with an embodiment of thepresent invention a computer program product, the computer programproduct including a non-transitory computer readable storage mediumhaving computer readable program code embodied therewith, the computerreadable program code including computer readable program codeconfigured to define a virtual boot device having a boot image for afirst computer having a memory and a physical boot device, and computerreadable program code configured to arrange the first computer to bootfrom the virtual boot device.

BRIEF DESCRIPTION OF THE DRAWINGS

The disclosure is herein described, by way of example only, withreference to the accompanying drawings, wherein:

FIG. 1 is a block diagram that schematically illustrates a storagesystem, in accordance with an embodiment of the present invention;

FIG. 2 is a block diagram of modules of the storage system configured toself-heal using a virtual boot device, in accordance with an embodimentof the present invention; and

FIG. 3 is a flow diagram that schematically illustrates a method ofself-healing using the virtual boot device, in accordance with anembodiment of the present invention.

DETAILED DESCRIPTION OF EMBODIMENTS

In computing, a boot comprises an initial set of operations that acomputer performs when electrical power is switched on (also referred toas power cycling). During a boot, a computer may load softwarecomponents such as an operating system kernel, services andapplications. The software components that are loaded during a boot aretypically stored in a system startup configuration file. For example,during a boot, a computer configured (i.e., “arranged”) as a storagesystem may load a Linux operating system kernel, a network TCP/IPservice and a storage application configured to process input/output(I/O) requests received from one or more host computers.

Software components that are loaded during a boot can be stored on aboot device as a boot image. When a computer system boots, the bootimage is retrieved and stored in memory as a software stack. In otherwords, a loaded software stack may comprise an in-memory representationof a corresponding boot image on a boot device.

In a computer network coupling a first computer to a second computer,there may be instances when upon power being cycled to the firstcomputer, the first computer fails to successfully boot (i.e., load andexecute) a boot image from the first computer's boot device. Embodimentsof the present invention provide methods and systems for the firstcomputer to recover from the failed boot by defining a virtual bootdevice for the first computer, and configuring the first computer toboot from the virtual boot device.

In some embodiments, if the second computer detects the first computerfailing to successfully load and execute a boot image, the secondcomputer can define a virtual boot device for the first computer,configure the first computer to boot from the virtual device, and powercycle the first computer. Upon power cycling, the first computer can nowload a boot image from the virtual boot device.

While the embodiments described herein relate generally to a storagesystem such as clustered storage controller, it will be understood thatembodiments of the present invention may also be used for other types ofnetworked computer systems.

FIG. 1 is a block diagram that schematically illustrates a dataprocessing storage subsystem 20, in accordance with an embodiment of theinvention. The particular subsystem (also referred to herein as astorage system) shown in FIG. 1 is presented to facilitate anexplanation of the invention. However, as the skilled artisan willappreciate, the invention can be practiced using other computingenvironments, such as other storage subsystems with diversearchitectures and capabilities.

Storage subsystem 20 receives, from one or more host computers 22,input/output (I/O) requests, which are commands to read or write data atlogical addresses on logical volumes. Any number of host computers 22are coupled to storage subsystem 20 by any means known in the art, forexample, using a network. Herein, by way of example, host computers 22and storage subsystem 20 are assumed to be coupled by a Storage AreaNetwork (SAN) 26 incorporating data connections 24 and Host Bus Adapters(HBAs) 28. The logical addresses specify a range of data blocks within alogical volume, each block herein being assumed by way of example tocontain 512 bytes. For example, a 10 KB data record used in a dataprocessing application on a given host computer 22 would require 20blocks, which the given host computer might specify as being stored at alogical address comprising blocks 1,000 through 1,019 of a logicalvolume. Storage subsystem 20 may operate in, or as, a SAN system.

Storage subsystem 20 comprises a clustered storage controller 34 coupledbetween SAN 26 and a private network 46 using data connections 30 and44, respectively, and incorporating adapters 32 and 42, againrespectively. In some configurations, adapters 32 and 42 may comprisehost bus adapters (HBAs). Clustered storage controller 34 implementsclusters of storage modules 36, each of which includes an interface 38(in communication between adapters 32 and 42), and a cache 40. Eachstorage module 36 is responsible for a number of storage devices 50 byway of a data connection 48 as shown.

As described previously, each storage module 36 further comprises agiven cache 40. However, it will be appreciated that the number ofcaches 40 used in storage subsystem 20 and in conjunction with clusteredstorage controller 34 may be any convenient number. While all caches 40in storage subsystem 20 may operate in substantially the same manner andcomprise substantially similar elements, this is not a requirement. Eachof the caches 40 may be approximately equal in size and is assumed to becoupled, by way of example, in a one-to-one correspondence with a set ofphysical storage devices 50, which may comprise disks. In oneembodiment, physical storage devices may comprise such disks. Thoseskilled in the art will be able to adapt the description herein tocaches of different sizes.

Each set of storage devices 50 comprises multiple slow and/or fastaccess time mass storage devices, herein below assumed to be multiplehard disks. FIG. 1 shows caches 40 coupled to respective sets of storagedevices 50. In some configurations, the sets of storage devices 50comprise one or more hard disks, which can have different performancecharacteristics. In response to an I/O command, a given cache 40, by wayof example, may read or write data at addressable physical locations ofa given storage device 50. In the embodiment shown in FIG. 1, caches 40are able to exercise certain control functions over storage devices 50.These control functions may alternatively be realized by hardwaredevices such as disk controllers (not shown), which are linked to caches40.

Each storage module 36 is operative to monitor its state, including thestates of associated caches 40, and to transmit configurationinformation to other components of storage subsystem 20 for example,configuration changes that result in blocking intervals, or limit therate at which I/O requests for the sets of physical storage areaccepted.

Routing of commands and data from HBAs 28 to clustered storagecontroller 34 and to each cache 40 may be performed over a networkand/or a switch. Herein, by way of example, HBAs 28 may be coupled tostorage modules 36 by at least one switch (not shown) of SAN 26, whichcan be of any known type having a digital cross-connect function.Additionally or alternatively, HBAs 28 may be coupled to storage modules36.

In some embodiments, data having contiguous logical addresses can bedistributed among modules 36, and within the storage devices in each ofthe modules. Alternatively, the data can be distributed using otheralgorithms, e.g., byte or block interleaving. In general, this increasesbandwidth, for instance, by allowing a volume in a SAN or a file innetwork attached storage to be read from or written to more than onegiven storage device 50 at a time. However, this technique requirescoordination among the various storage devices, and in practice mayrequire complex provisions for any failure of the storage devices, and astrategy for dealing with error checking information, e.g., a techniquefor storing parity information relating to distributed data. Indeed,when logical unit partitions are distributed in sufficiently smallgranularity, data associated with a single logical unit may span all ofthe storage devices 50.

While such hardware is not explicitly shown for purposes of illustrativesimplicity, clustered storage controller 34 may be adapted forimplementation in conjunction with certain hardware, such as a rackmount system, a midplane, and/or a backplane. Indeed, private network 46in one embodiment may be implemented using a backplane. Additionalhardware such as the aforementioned switches, processors, controllers,memory devices, and the like may also be incorporated into clusteredstorage controller 34 and elsewhere within storage subsystem 20, againas the skilled artisan will appreciate. Further, a variety of softwarecomponents, operating systems, firmware, and the like may be integratedinto one storage subsystem 20.

Storage devices 50 may comprise a combination of high capacity hard diskdrives and solid state disk drives. In some embodiments each of storagedevices 50 may comprise a logical storage device. In storage systemsimplementing the Small Computer System Interface (SCSI) protocol, thelogical storage devices may be referred to as logical units, or LUNs.While each LUN can be addressed as a single logical unit, the LUN maycomprise a combination of high capacity hard disk drives and/or solidstate disk drives.

Examples of adapters 32 and 42 include switched fabric adapters such asFibre Channel (FC) adapters, Internet Small Computer System Interface(iSCSI) adapters, Fibre Channel over Ethernet (FCoE) adapters andInfiniband™ adapters.

As will be appreciated by one skilled in the art, aspects of the presentinvention may be embodied as a system, method or computer programproduct. Accordingly, aspects of the present invention may take the formof an entirely hardware embodiment, an entirely software embodiment(including firmware, resident software, micro-code, etc.) or anembodiment combining software and hardware aspects that may allgenerally be referred to herein as a “circuit,” “module” or “system”.Furthermore, aspects of the present invention may take the form of acomputer program product embodied in one or more computer readablemedium(s) having computer readable program code embodied thereon.

Any combination of one or more computer readable medium(s) may beutilized. The computer readable medium may be a computer readable signalmedium or a computer readable storage medium. A computer readablestorage medium may be, for example, but not limited to, an electronic,magnetic, optical, electromagnetic, infrared, or semiconductor system,apparatus, or device, or any suitable combination of the foregoing. Morespecific examples (a non-exhaustive list) of the computer readablestorage medium would include the following: an electrical connectionhaving one or more wires, a portable computer diskette, a hard disk, arandom access memory (RAM), a read-only memory (ROM), an erasableprogrammable read-only memory (EPROM or Flash memory), an optical fiber,a portable compact disc read-only memory (CD-ROM), an optical storagedevice, a magnetic storage device, or any suitable combination of theforegoing. In the context of this document, a computer readable storagemedium may be any tangible medium that can contain, or store a programfor use by or in connection with an instruction execution system,apparatus, or device.

A computer readable signal medium may include a propagated data signalwith computer readable program code embodied therein, for example, inbaseband or as part of a carrier wave. Such a propagated signal may takeany of a variety of forms, including, but not limited to,electromagnetic, optical, or any suitable combination thereof. Acomputer readable signal medium may be any computer readable medium thatis not a computer readable storage medium and that can communicate,propagate, or transport a program for use by or in connection with aninstruction execution system, apparatus, or device.

Program code embodied on a computer readable medium may be transmittedusing any appropriate medium, including but not limited to wireless,wireline, optical fiber cable, RF, etc., or any suitable combination ofthe foregoing.

Computer program code for carrying out operations for aspects of thepresent invention may be written in any combination of one or moreprogramming languages, including an object oriented programming languagesuch as Python, Java, Smalltalk, C++ or the like and conventionalprocedural programming languages, such as the “C” programming languageor similar programming languages. The program code may execute entirelyon the user's computer, partly on the user's computer, as a stand-alonesoftware package, partly on the user's computer and partly on a remotecomputer or entirely on the remote computer or server. In the latterscenario, the remote computer may be connected to the user's computerthrough any type of network, including a local area network (LAN) or awide area network (WAN), or the connection may be made to an externalcomputer (for example, through the Internet using an Internet ServiceProvider).

Aspects of the present invention are described herein with reference toflowchart illustrations and/or block diagrams of methods, apparatus(systems) and computer program products according to embodiments of theinvention. It will be understood that each block of the flowchartillustrations and/or block diagrams, and combinations of blocks in theflowchart illustrations and/or block diagrams, can be implemented bycomputer program instructions. These computer program instructions maybe provided to a processor of a general purpose computer, specialpurpose computer, or other programmable data processing apparatus toproduce a machine, such that the instructions, which execute via theprocessor of the computer or other programmable data processingapparatus, create means for implementing the functions/actions specifiedin the flowchart and/or block diagram block or blocks. These computerprogram instructions may also be stored in a computer readable mediumthat can direct a computer, other programmable data processingapparatus, or other devices to function in a particular manner, suchthat the instructions stored in the computer readable medium produce anarticle of manufacture including instructions which implement thefunctions/actions specified in the flowchart and/or block diagram blockor blocks.

The computer program instructions may also be loaded onto a computer,other programmable data processing apparatus, or other devices to causea series of operational steps to be performed on the computer, otherprogrammable apparatus or other devices to produce a computerimplemented process such that the instructions which execute on thecomputer or other programmable apparatus provide processes forimplementing the functions/actions specified in the flowchart and/orblock diagram block or blocks.

Self-Healing from a Failed Boot

FIG. 2 is a block diagram of modules 36 configured to self-heal using aboot image 60 stored on a virtual boot device 62, in accordance with anembodiment of the present invention. In the description herein, modules36 and their respective components, data connections 44, 48 andconnected storage devices 50 may be differentiated by appending a letterto the identifying numeral, so that modules 36 comprise a first module36A and a second module 36B. Alternatively a given module 36 may just bereferred to as module 36. For purposes of clarity, not all components inmodule 36A are included in module 36B (i.e., in FIG. 2).

Module 36 comprises a module processor 64, a module memory 66, anon-volatile memory 67, a physical boot device 70 and a managementcontroller 72. Physical boot device 70 may comprise a storage devicesuch as a hard disk, an optical disk, a flash device (such as CompactFlash, USB stick or SDCard) or a solid state drive (SSD). Physical bootdevice 70 stores a boot loader 74 and boot image 60. In module 36A, bootloader 74A is typically stored on a master boot record of boot device70A.

Non-volatile memory 67 comprises a BIOS 68 configured to store power-onself-test (POST) procedures 76. When power is cycled to module 36,processor 64 can be configured to execute POST procedures 76, whichloads boot loader 74 to memory 66. In the embodiments described herein,POST procedures 76 can be configured to load (and start executing) agiven boot loader 74 from either physical boot device 70 or from a givenvirtual boot device 62.

In operation, boot loader 74 is configured to load a corresponding bootimage 60 (i.e., stored on the same physical boot device 70 or virtualboot device 62 as the boot loader), and store the components of theloaded boot image to a software stack 78 in memory 66. Each of the bootimages comprise an initial collection of components that boot loader 74can load, upon power being cycled to module 36.

Boot image 60 comprises a kernel 80, one or more services 82 and one ormore applications 84. As shown in module 36B, services 82 may comprise amanagement service 86 configured to detect hardware and/or softwarefailures in the other modules 36 storage controller 34. While theconfiguration in FIG. 2, shows management service 86 executing in module36B, other configurations are considered to be within the spirit andscope of the present invention. For purposes of system redundancy,multiple (but not necessarily all) modules 36 may execute managementservice 86 to detect failures in the storage controller.

Management controller 72 is configured to monitor operation of module36, and to reconfigure hardware and/or software settings as necessary inorder to optimize the module's performance. In the description herein,software components stored in management controller 72 differentiated byappending a letter to the identifying numeral, so that the softwarecomponents stored in management controller 72 comprise boot image 60C,virtual boot device 62C, boot loader 74C, kernel 80C, services 82C andapplications 84C.

Management controller 72 comprises a management processor 88, a volatilememory 90 and a non-volatile memory 92. While managing module 36,management processor 88 may be configured to power cycle module 36, andto communicate with the other modules 36 in storage controller 34.Additionally, as described hereinbelow, non-volatile memory 92 may beconfigured to store virtual boot device 62C.

Processor 64 typically comprises a general-purpose central processingunit (CPU), which is programmed in software to carry out the functionsdescribed herein. The software may be downloaded to module 36 inelectronic form, over a network, for example, or it may be provided onnon-transitory tangible media, such as optical, magnetic or electronicmemory media. Alternatively, some or all of the functions of processor64 may be carried out by dedicated or programmable digital hardwarecomponents, or using a combination of hardware and software elements.

Typically, management controller 72 is implemented as a “system-on-chip”(SOC), running an embedded software application. In this alternativeembodiment, the SOC may execute a software stack comprising a “standard”operating system (OS) and services (e.g., a Linux™ kernel and a webserver) that are typically not user-upgradeable. The SOC is typicallydedicated (i.e., not general purpose) and may be tightly controlled by avendor. In other words, upgrades are typically provided by the vendor(or manufacturer), and may be considered a “system firmware”, similar toBIOS 68.

The SOC may function as a robust, self-healing and self-sufficientsystem, configured to control processor 64 and the module processor'speripheral hardware, even when the controlled hardware malfunctions orcrashes. This robustness may be possible because the hardware andsoftware components of management controller 72 are typically designedto be self-sufficient and durable. Additionally, since managementcontroller 72 may be configured to run a “controlled” software designedfor a specific purpose (i.e., an end-user is typically not able to loadthe general purpose software stack to memory 90 or memory 92), themanagement controller can be more stable than kernel 80 running onprocessor 64, and therefore the management controller may be configuredto control the module processor.

While the embodiments describe herein have software stack 78 comprisingkernel 80, services 82 and applications 84, any organized collectioncomprising any number of components is considered to be within thespirit and scope of the present invention. For example, the collection(e.g., software stack 78) may comprise only kernel 80.

FIG. 3 is a flow diagram that schematically illustrates a method forstorage controller 34 to self-heal (i.e., from a failure of module 36A)using a given virtual boot device 62, in accordance with an embodimentof the present invention. In the embodiments described herein, uponpower cycling module 36A, POST 76A is initially configured to load bootloader 74A from physical boot device 70A.

In an initial step 100, power is cycled to module 36A, and processor 64Afails to boot (i.e., load and execute) boot image 60A from physical bootdevice 70A. The boot failure may be a result of a corrupted boot image60A or a problem with one of the physical regions storing the boot imageon physical boot device 70A. Alternatively, one of the softwarecomponents in boot image 60A may fail to execute properly. For example,a given service 82A (e.g., a TCP/IP service) may have been recentlyupgraded, and the given service crashes upon being executed.

In a detect step 102, management service 86 detects that module 36A hasfailed. To detect the failure, management service 86 may attempt tocommunicate with module 36A, and detects that module 36A is notresponding. For example, management service 86 may convey, via a unicasttransmission, a request to processor 64A, and not receive a reply withina given time period.

Upon detecting a failure of module 36A, management service 86 defines,in a definition step 104, a given virtual boot device 62 to serve agiven boot image 60. Typically, virtual boot device 62 comprises alogical volume on a storage device (or non-volatile memory) coupled tomodules 36A and 36B.

In a first embodiment, management service 86 conveys, via network 46,boot loader 74 and boot image 60 to management controller 72. Uponreceiving the software components, management processor 88A createsvirtual boot device 62C in non-volatile memory 92A, and stores thereceived boot loader 74C and boot image 60C to virtual boot device 62C.In a second embodiment, management service 86, creates virtual bootdevice 62B on storage device 50B (or any storage device 50 in storagecontroller 34), and stores boot loader 74B and boot image 60B to virtualboot device 62B. Typically, management service 86 defines virtual bootdevice 62 using the first embodiment for smaller boot images 60 (e.g.,less than 200 megabytes), and defines the virtual boot device using thesecond embodiment for larger boot images 60.

In embodiments where management service 86 defines a given virtual bootdevice 62B on storage device 50B, management controller 72A can map tothe virtual boot device by establishing a communication path betweenprocessor 88A and the management service, thereby enabling themanagement service to “serve” the virtual boot device to module 36A. Toestablish the communication path, management controller 72A may useprotocols such as Internet Small Computer System Interface (iSCSI),Common Internet File System (CIFS), Network Files System (NFS) andHypertext Transfer Protocol (HTTP).

In the first and the second embodiments described hereinabove,management service 86 may create boot images 60B and 60C from softwarestack 78B executing from memory 66B. Alternatively, management service86 may retrieve a factory default boot image (not shown) or a previousversion of the boot image (also not shown) from a given storage device50.

In an additional embodiment, management service 86 may be configured toreformat physical boot device 70A, to report and repair any detectedproblems, and to save software stack 78B (i.e., a “production” softwarestack 78) to the physical boot device.

Saving software stack 78B to physical boot device 70A is described inmore detail in U.S. patent application “Live Initialization of a BootDevice”, referenced above. Saving software stack 78B to a given virtualboot device 62 can be performed using the embodiments described in thereferenced U.S. patent application.

In a configuration step 106, management processor 88A configures BIOS 68to enable POST 76 and kernel 80 (executing in memory 66) to detect andboot from the defined virtual boot device (i.e., the virtual boot devicedefined using the first and the second embodiments described supra).Upon configuring BIOS 68, POST 78 and kernel 80 can access the definedvirtual boot device via (i.e., by communicating with) managementcontroller 72. In some embodiments, kernel 80 and POST 78 may trigger aSystem Management Interrupt (SMI) handler configured to “trap” access tothe virtual boot device. Alternatively, POST 78 may comprise specificfunctions that are configured to access management controller 72.

Upon configuring BIOS 68A, processor 88A power cycles module 36A in apower cycling step 108. In a first load step 110, processor 34A executesPOST procedures 76A and loads boot loader 74 from the defined virtualboot device to memory 66A, and starts executing the loaded boot loader.In a second load step 112, the loaded boot loader retrieves boot image60C from the defined virtual boot device and stores the components ofthe boot image to software stack 78A in memory 66A.

In a boot step 114, processor 64A starts executing (i.e., boots) kernel80A, and in a start step 116, processor 64A starts executing services82A and applications 84A. In some embodiments, upon successfullyexecuting kernel 80A, services 82A and applications 84A, processor 64A,in a save step 118, saves boot loader 74A and software stack 78A tophysical boot device 70A using embodiments described in U.S. patentapplication “Live Initialization of a Boot Device”, referenced above. Tosave the software stack, processor 64A can save the components ofsoftware stack 78A in memory 66A to boot image 60A on physical bootdevice 70A.

Subsequent to saving the boot loader and the software stack to the bootimage, processor 64A may convey a reconfiguration message to managementcontroller 72A requesting the management controller 72A to reconfigureBIOS 68A to boot from physical boot device 70A (i.e., upon next powercycling of module 36A). Finally, in a reconfiguration step 120,processor 88A reconfigures BIOS 68 to boot from physical boot device70A, and the method ends.

The flowchart and block diagrams in the Figures illustrate thearchitecture, functionality, and operation of possible implementationsof systems, methods and computer program products according to variousembodiments of the present invention. In this regard, each block in theflowchart or block diagrams may represent a module, segment, or portionof code, which comprises one or more executable instructions forimplementing the specified logical function(s). It should also be notedthat, in some alternative implementations, the functions noted in theblock may occur out of the order noted in the Figures. For example, twoblocks shown in succession may, in fact, be executed substantiallyconcurrently, or the blocks may sometimes be executed in the reverseorder, depending upon the functionality involved. It will also be notedthat each block of the block diagrams and/or flowchart illustration, andcombinations of blocks in the block diagrams and/or flowchartillustration, can be implemented by special purpose hardware-basedsystems that perform the specified functions or acts, or combinations ofspecial purpose hardware and computer instructions.

It will be appreciated that the embodiments described above are cited byway of example, and that the present invention is not limited to whathas been particularly shown and described hereinabove. Rather, the scopeof the present invention includes both combinations and subcombinationsof the various features described hereinabove, as well as variations andmodifications thereof which would occur to persons skilled in the artupon reading the foregoing description and which are not disclosed inthe prior art.

The invention claimed is:
 1. A method, comprising: defining, using asecond computer, a virtual boot device, the virtual boot device having aboot image for a first computer having a memory and a physical bootdevice, the virtual boot device in communication with the first computerand the second computer; subsequent to configuring the first computer,power cycling the first computer, and upon the power cycling, loading,by the first computer, the boot image from the virtual boot device to asoftware stack in the memory; configuring, by the second computer, thefirst computer to boot from the virtual boot device; wherein the secondcomputer is configured to define the virtual boot device in response todetecting a failure of the first computer, and detecting the failurecomprises the second computer conveying a request to the first computerand not receiving a response to the request; and subsequent to bootingthe first computer from the virtual boot device, automaticallyreconfiguring, by the second computer, the first computer to boot fromthe physical boot device upon a subsequent power cycle, wherein thesecond computer reconfigures the first computer by reformatting thephysical boot device of the first computer, reporting and repairingproblems of the physical boot device encountered during the reformattingto the second computer, saving a factory default boot image to thephysical boot device, and reconfiguring a basic input/output system(BIOS) of the first computer to switch from booting from the virtualboot device to the physical boot device of the first computer upon thesubsequent power cycle.
 2. The method according to claim 1, andcomprising saving the software stack to a physical boot device, andconfiguring the first computer to boot from the physical boot device. 3.The method according to claim 1, wherein the boot image comprises atleast one of an operating system kernel, a service, and a softwareapplication.
 4. The method according to claim 3, wherein loading theboot image comprises retrieving the one or more software components fromthe boot image, storing the retrieved one or more components to asoftware stack in a memory, and executing the one or more components inthe software stack.
 5. The method according to claim 1, whereinconfiguring the first computer comprises storing a boot loader and theboot image to the virtual boot device, mapping the virtual boot deviceto the first computer, and arranging the first computer to load the bootloader from the virtual boot device upon the power cycling, the bootloader configured to load the boot image.
 6. The method according toclaim 5, wherein the virtual boot device comprises a logical volume on astorage device coupled to the first and the second computer, andconfigured to store the boot loader and the boot image.